kdelibs3 -- konqueror FTP command injection vulnerability

Details

VuXML ID

832e9d75-5bfc-11d9-a9e7-0001020eed82

Discovery

2004-12-01

Entry

2005-01-01

Modified

2005-01-04

Albert Puigsech Galicia reports that Konqueror (more
specifically kio_ftp) and Microsoft Internet Explorer are
vulnerable to a FTP command injection vulnerability which
can be exploited by tricking an user into clicking a
specially crafted FTP URI.

It is also reported by Ian Gulliver and Emanuele Balla that
this vulnerability can be used to tricking a client into
sending out emails without user interaction.